From 43ae3dd2cee49445b5816967d2a39f580b1a42aa Mon Sep 17 00:00:00 2001
From: "Captain.B" <bin@fit2cloud.com>
Date: Tue, 19 Jan 2021 15:49:20 +0800
Subject: [PATCH] =?UTF-8?q?feat(xPack):=20CAS=20=E7=99=BB=E5=BD=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/pom.xml                               |  18 ---
 .../metersphere/commons/utils/ShiroUtils.java |   7 +-
 .../io/metersphere/config/ShiroConfig.java    |  11 +-
 .../controller/IndexController.java           |  12 --
 .../controller/request/LoginRequest.java      |   1 +
 .../io/metersphere/security/ApiKeyFilter.java |   1 -
 .../user => security}/MsUserToken.java        |   2 +-
 .../UserModularRealmAuthenticator.java        |   2 +-
 .../security/{ => realm}/LdapRealm.java       |   2 +-
 .../security/{ => realm}/ShiroDBRealm.java    |   2 +-
 .../io/metersphere/service/UserService.java   |   6 +-
 backend/src/main/java/io/metersphere/xpack    |   2 +-
 .../components/common/head/HeaderUser.vue     | 129 +++++++++---------
 frontend/src/business/components/xpack        |   2 +-
 frontend/src/login/Login.vue                  |  38 +++---
 15 files changed, 100 insertions(+), 135 deletions(-)
 rename backend/src/main/java/io/metersphere/{commons/user => security}/MsUserToken.java (93%)
 rename backend/src/main/java/io/metersphere/{commons/user => security}/UserModularRealmAuthenticator.java (97%)
 rename backend/src/main/java/io/metersphere/security/{ => realm}/LdapRealm.java (98%)
 rename backend/src/main/java/io/metersphere/security/{ => realm}/ShiroDBRealm.java (99%)

diff --git a/backend/pom.xml b/backend/pom.xml
index 8309c7fd26..3bae3d6a29 100644
--- a/backend/pom.xml
+++ b/backend/pom.xml
@@ -312,24 +312,6 @@
             <scope>runtime</scope>
         </dependency>
 
-        <!--  buji-pac4j  -->
-        <dependency>
-            <groupId>org.pac4j</groupId>
-            <artifactId>pac4j-cas</artifactId>
-            <version>3.0.2</version>
-        </dependency>
-        <dependency>
-            <groupId>io.buji</groupId>
-            <artifactId>buji-pac4j</artifactId>
-            <version>4.0.0</version>
-            <exclusions>
-                <exclusion>
-                    <artifactId>shiro-web</artifactId>
-                    <groupId>org.apache.shiro</groupId>
-                </exclusion>
-            </exclusions>
-        </dependency>
-
         <dependency>
             <groupId>org.jsoup</groupId>
             <artifactId>jsoup</artifactId>
diff --git a/backend/src/main/java/io/metersphere/commons/utils/ShiroUtils.java b/backend/src/main/java/io/metersphere/commons/utils/ShiroUtils.java
index 2cf98d199a..b6afeac049 100644
--- a/backend/src/main/java/io/metersphere/commons/utils/ShiroUtils.java
+++ b/backend/src/main/java/io/metersphere/commons/utils/ShiroUtils.java
@@ -21,7 +21,12 @@ public class ShiroUtils {
         filterChainDefinitionMap.put("/js/**", "anon");
         filterChainDefinitionMap.put("/img/**", "anon");
         filterChainDefinitionMap.put("/fonts/**", "anon");
-
+        filterChainDefinitionMap.put("/display/info", "anon");
+        filterChainDefinitionMap.put("/favicon.ico", "anon");
+        filterChainDefinitionMap.put("/display/file/**", "anon");
+        filterChainDefinitionMap.put("/jmeter/download/**", "anon");
+        filterChainDefinitionMap.put("/authsource/list/allenable", "anon");
+        filterChainDefinitionMap.put("/sso/signin", "anon");
         // for swagger
         filterChainDefinitionMap.put("/swagger-ui.html", "anon");
         filterChainDefinitionMap.put("/swagger-ui/**", "anon");
diff --git a/backend/src/main/java/io/metersphere/config/ShiroConfig.java b/backend/src/main/java/io/metersphere/config/ShiroConfig.java
index 1dbe552457..81f8848c51 100644
--- a/backend/src/main/java/io/metersphere/config/ShiroConfig.java
+++ b/backend/src/main/java/io/metersphere/config/ShiroConfig.java
@@ -1,10 +1,10 @@
 package io.metersphere.config;
 
-import io.metersphere.commons.user.UserModularRealmAuthenticator;
 import io.metersphere.commons.utils.ShiroUtils;
 import io.metersphere.security.ApiKeyFilter;
-import io.metersphere.security.LdapRealm;
-import io.metersphere.security.ShiroDBRealm;
+import io.metersphere.security.UserModularRealmAuthenticator;
+import io.metersphere.security.realm.LdapRealm;
+import io.metersphere.security.realm.ShiroDBRealm;
 import org.apache.shiro.authc.pam.FirstSuccessfulStrategy;
 import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
 import org.apache.shiro.cache.MemoryConstrainedCacheManager;
@@ -46,10 +46,7 @@ public class ShiroConfig implements EnvironmentAware {
         shiroFilterFactoryBean.getFilters().put("apikey", new ApiKeyFilter());
         Map<String, String> filterChainDefinitionMap = shiroFilterFactoryBean.getFilterChainDefinitionMap();
         ShiroUtils.loadBaseFilterChain(filterChainDefinitionMap);
-        filterChainDefinitionMap.put("/display/info", "anon");
-        filterChainDefinitionMap.put("/favicon.ico", "anon");
-        filterChainDefinitionMap.put("/display/file/**", "anon");
-        filterChainDefinitionMap.put("/jmeter/download/**", "anon");
+
         filterChainDefinitionMap.put("/**", "apikey, authc");
         return shiroFilterFactoryBean;
     }
diff --git a/backend/src/main/java/io/metersphere/controller/IndexController.java b/backend/src/main/java/io/metersphere/controller/IndexController.java
index 29503b9c53..868b253dd3 100644
--- a/backend/src/main/java/io/metersphere/controller/IndexController.java
+++ b/backend/src/main/java/io/metersphere/controller/IndexController.java
@@ -1,7 +1,6 @@
 package io.metersphere.controller;
 
 import io.metersphere.commons.utils.SessionUtils;
-import org.apache.shiro.SecurityUtils;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -23,15 +22,4 @@ public class IndexController {
             return "redirect:/";
         }
     }
-
-    @GetMapping(value = "/sso/login")
-    public String ossLogin() {
-        return "redirect:/";
-    }
-
-    @GetMapping(value = "/sso/logout")
-    public void ossLogout() {
-        SecurityUtils.getSubject().logout();
-    }
-
 }
diff --git a/backend/src/main/java/io/metersphere/controller/request/LoginRequest.java b/backend/src/main/java/io/metersphere/controller/request/LoginRequest.java
index ae01b80255..db6cb22e65 100644
--- a/backend/src/main/java/io/metersphere/controller/request/LoginRequest.java
+++ b/backend/src/main/java/io/metersphere/controller/request/LoginRequest.java
@@ -8,4 +8,5 @@ import lombok.Setter;
 public class LoginRequest {
     private String username;
     private String password;
+    private String authenticate;
 }
diff --git a/backend/src/main/java/io/metersphere/security/ApiKeyFilter.java b/backend/src/main/java/io/metersphere/security/ApiKeyFilter.java
index 8eebd064f0..bf1d3b8652 100644
--- a/backend/src/main/java/io/metersphere/security/ApiKeyFilter.java
+++ b/backend/src/main/java/io/metersphere/security/ApiKeyFilter.java
@@ -1,6 +1,5 @@
 package io.metersphere.security;
 
-import io.metersphere.commons.user.MsUserToken;
 import io.metersphere.commons.utils.LogUtil;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.SecurityUtils;
diff --git a/backend/src/main/java/io/metersphere/commons/user/MsUserToken.java b/backend/src/main/java/io/metersphere/security/MsUserToken.java
similarity index 93%
rename from backend/src/main/java/io/metersphere/commons/user/MsUserToken.java
rename to backend/src/main/java/io/metersphere/security/MsUserToken.java
index feec1fdd09..f72326ec18 100644
--- a/backend/src/main/java/io/metersphere/commons/user/MsUserToken.java
+++ b/backend/src/main/java/io/metersphere/security/MsUserToken.java
@@ -1,4 +1,4 @@
-package io.metersphere.commons.user;
+package io.metersphere.security;
 
 import org.apache.shiro.authc.UsernamePasswordToken;
 
diff --git a/backend/src/main/java/io/metersphere/commons/user/UserModularRealmAuthenticator.java b/backend/src/main/java/io/metersphere/security/UserModularRealmAuthenticator.java
similarity index 97%
rename from backend/src/main/java/io/metersphere/commons/user/UserModularRealmAuthenticator.java
rename to backend/src/main/java/io/metersphere/security/UserModularRealmAuthenticator.java
index 7efc234dd4..c566e42832 100644
--- a/backend/src/main/java/io/metersphere/commons/user/UserModularRealmAuthenticator.java
+++ b/backend/src/main/java/io/metersphere/security/UserModularRealmAuthenticator.java
@@ -1,4 +1,4 @@
-package io.metersphere.commons.user;
+package io.metersphere.security;
 
 import io.metersphere.commons.exception.MSException;
 import org.apache.shiro.authc.AuthenticationException;
diff --git a/backend/src/main/java/io/metersphere/security/LdapRealm.java b/backend/src/main/java/io/metersphere/security/realm/LdapRealm.java
similarity index 98%
rename from backend/src/main/java/io/metersphere/security/LdapRealm.java
rename to backend/src/main/java/io/metersphere/security/realm/LdapRealm.java
index 9a56cebb37..dc0d33eb2f 100644
--- a/backend/src/main/java/io/metersphere/security/LdapRealm.java
+++ b/backend/src/main/java/io/metersphere/security/realm/LdapRealm.java
@@ -1,4 +1,4 @@
-package io.metersphere.security;
+package io.metersphere.security.realm;
 
 
 import io.metersphere.base.domain.Role;
diff --git a/backend/src/main/java/io/metersphere/security/ShiroDBRealm.java b/backend/src/main/java/io/metersphere/security/realm/ShiroDBRealm.java
similarity index 99%
rename from backend/src/main/java/io/metersphere/security/ShiroDBRealm.java
rename to backend/src/main/java/io/metersphere/security/realm/ShiroDBRealm.java
index f9fe536df8..3d4a5ed12d 100644
--- a/backend/src/main/java/io/metersphere/security/ShiroDBRealm.java
+++ b/backend/src/main/java/io/metersphere/security/realm/ShiroDBRealm.java
@@ -1,4 +1,4 @@
-package io.metersphere.security;
+package io.metersphere.security.realm;
 
 
 import io.metersphere.base.domain.Role;
diff --git a/backend/src/main/java/io/metersphere/service/UserService.java b/backend/src/main/java/io/metersphere/service/UserService.java
index a4f529fd64..c34ee15bb0 100644
--- a/backend/src/main/java/io/metersphere/service/UserService.java
+++ b/backend/src/main/java/io/metersphere/service/UserService.java
@@ -8,7 +8,6 @@ import io.metersphere.commons.constants.RoleConstants;
 import io.metersphere.commons.constants.UserSource;
 import io.metersphere.commons.constants.UserStatus;
 import io.metersphere.commons.exception.MSException;
-import io.metersphere.commons.user.MsUserToken;
 import io.metersphere.commons.user.SessionUser;
 import io.metersphere.commons.utils.CodingUtil;
 import io.metersphere.commons.utils.SessionUtils;
@@ -24,6 +23,7 @@ import io.metersphere.dto.UserDTO;
 import io.metersphere.dto.UserRoleDTO;
 import io.metersphere.i18n.Translator;
 import io.metersphere.notice.domain.UserDetail;
+import io.metersphere.security.MsUserToken;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authc.*;
@@ -559,16 +559,14 @@ public class UserService {
         String login = (String) SecurityUtils.getSubject().getSession().getAttribute("authenticate");
         String username = StringUtils.trim(request.getUsername());
         String password = "";
-        String loginType = UserSource.LDAP.name();
         if (!StringUtils.equals(login, UserSource.LDAP.name())) {
-            loginType = UserSource.LOCAL.name();
             password = StringUtils.trim(request.getPassword());
             if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) {
                 return ResultHolder.error("user or password can't be null");
             }
         }
 
-        MsUserToken token = new MsUserToken(username, password, loginType);
+        MsUserToken token = new MsUserToken(username, password, login);
         Subject subject = SecurityUtils.getSubject();
         try {
             subject.login(token);
diff --git a/backend/src/main/java/io/metersphere/xpack b/backend/src/main/java/io/metersphere/xpack
index 36116c1bff..c2ed883e9b 160000
--- a/backend/src/main/java/io/metersphere/xpack
+++ b/backend/src/main/java/io/metersphere/xpack
@@ -1 +1 @@
-Subproject commit 36116c1bff736377e6b8a3b828c5fa9bd8b2f2f8
+Subproject commit c2ed883e9be6fc7e01589f81916bf4ddc62148c0
diff --git a/frontend/src/business/components/common/head/HeaderUser.vue b/frontend/src/business/components/common/head/HeaderUser.vue
index 464f5139b2..ce11e27682 100644
--- a/frontend/src/business/components/common/head/HeaderUser.vue
+++ b/frontend/src/business/components/common/head/HeaderUser.vue
@@ -1,7 +1,7 @@
 <template>
   <el-dropdown size="medium" @command="handleCommand" class="align-right">
     <span class="dropdown-link">
-        {{currentUser.name}}<i class="el-icon-caret-bottom el-icon--right"/>
+        {{ currentUser.name }}<i class="el-icon-caret-bottom el-icon--right"/>
     </span>
     <template v-slot:dropdown>
       <el-dropdown-menu>
@@ -23,82 +23,77 @@
 </template>
 
 <script>
-  import {getCurrentUser} from "../../../../common/js/utils";
-  import AboutUs from "./AboutUs";
-  import axios from "axios";
+import {getCurrentUser} from "@/common/js/utils";
+import AboutUs from "./AboutUs";
+import axios from "axios";
 
-  export default {
-    name: "MsUser",
-    components: {AboutUs},
-    data() {
-      return {
-        isReadOnly: this.$store.state.isReadOnly.flag
-      }
-    },
-    computed: {
-      currentUser: () => {
-        return getCurrentUser();
-      }
-    },
-    methods: {
-      handleCommand(command) {
-        switch (command) {
-          case "personal":
-            // TODO 优化路由跳转，避免重复添加路由
-            this.$router.push('/setting/personsetting').catch(error => error);
-            break;
-          case "logout":
-            axios.get("/signout").then(response => {
-              if (response.data.success) {
-                localStorage.clear();
-                window.location.href = "/login";
-              } else {
-                if (response.data.message === 'sso') {
-                  localStorage.clear();
-                  window.location.href = "/sso/logout"
-                }
-              }
-            }).catch(error => {
+export default {
+  name: "MsUser",
+  components: {AboutUs},
+  data() {
+    return {
+      isReadOnly: this.$store.state.isReadOnly.flag
+    }
+  },
+  computed: {
+    currentUser: () => {
+      return getCurrentUser();
+    }
+  },
+  methods: {
+    handleCommand(command) {
+      switch (command) {
+        case "personal":
+          // TODO 优化路由跳转，避免重复添加路由
+          this.$router.push('/setting/personsetting').catch(error => error);
+          break;
+        case "logout":
+          axios.get("/signout").then(response => {
+            if (response.data.success) {
               localStorage.clear();
               window.location.href = "/login";
-            });
-            break;
-          case "about":
-            this.$refs.aboutUs.open();
-            break;
-          case "help":
-            window.location.href = "https://metersphere.io/docs/index.html";
-            break;
-          default:
-            break;
-        }
-      },
-      changeBar(item) {
-        this.isReadOnly = !this.isReadOnly
-        this.$store.commit('setFlag', this.isReadOnly);
-        this.$store.commit('setValue', item);
-        if(item=="old"){
-          window.location.href = "/#/api/home_obsolete";
-        }else {
-          window.location.href = "/#/api/home";
-        }
-
+            }
+          }).catch(error => {
+            localStorage.clear();
+            window.location.href = "/login";
+          });
+          break;
+        case "about":
+          this.$refs.aboutUs.open();
+          break;
+        case "help":
+          window.location.href = "https://metersphere.io/docs/index.html";
+          break;
+        default:
+          break;
       }
+    },
+    changeBar(item) {
+      this.isReadOnly = !this.isReadOnly
+      this.$store.commit('setFlag', this.isReadOnly);
+      this.$store.commit('setValue', item);
+      if (item == "old") {
+        window.location.href = "/#/api/home_obsolete";
+      } else {
+        window.location.href = "/#/api/home";
+      }
+
     }
   }
+}
 </script>
 
 <style scoped>
-  .dropdown-link {
-    cursor: pointer;
-    font-size: 12px;
-    color: rgb(245, 245, 245);
-    line-height: 40px;
-  }
+.dropdown-link {
+  cursor: pointer;
+  font-size: 12px;
+  color: rgb(245, 245, 245);
+  line-height: 40px;
+}
 
-  .align-right {
-    float: right;
-  }
+.align-right {
+  float: right;
+}
 
 </style>
 
diff --git a/frontend/src/business/components/xpack b/frontend/src/business/components/xpack
index 3d96d7c61b..cea763d974 160000
--- a/frontend/src/business/components/xpack
+++ b/frontend/src/business/components/xpack
@@ -1 +1 @@
-Subproject commit 3d96d7c61bc50f32f18311d23f447663e02d7d44
+Subproject commit cea763d974b213104f6d6fc30ab48434b72e10f4
diff --git a/frontend/src/login/Login.vue b/frontend/src/login/Login.vue
index cae9162e76..8a957c3720 100644
--- a/frontend/src/login/Login.vue
+++ b/frontend/src/login/Login.vue
@@ -18,6 +18,7 @@
               <el-radio-group v-model="form.authenticate">
                 <el-radio label="LDAP" size="mini" v-if="openLdap">LDAP</el-radio>
                 <el-radio label="LOCAL" size="mini" v-if="openLdap">普通登录</el-radio>
+                <el-radio :label="auth.id" size="mini" v-for="auth in authSources" :key="auth.id">{{ auth.type }} {{ auth.name }}</el-radio>
               </el-radio-group>
             </el-form-item>
             <el-form-item prop="username">
@@ -52,6 +53,7 @@ import {DEFAULT_LANGUAGE} from "@/common/js/constants";
 
 const requireComponent = require.context('@/business/components/xpack/', true, /\.vue$/);
 const display = requireComponent.keys().length > 0 ? requireComponent("./display/Display.vue") : {};
+const auth = requireComponent.keys().length > 0 ? requireComponent("./auth/Auth.vue") : {};
 
 export default {
   name: "Login",
@@ -84,7 +86,9 @@ export default {
       msg: '',
       ready: false,
       openLdap: false,
-      loginTitle: this.$t("commons.login") + " MeterSphere"
+      loginTitle: this.$t("commons.login") + " MeterSphere",
+      authSources: [],
+      loginUrl: 'signin',
     }
   },
   beforeCreate() {
@@ -94,17 +98,17 @@ export default {
         display.default.showLogin(this);
       }
 
+      if (auth.default !== undefined) {
+        auth.default.getAuthSources(this);
+      }
+
       if (!response.data.success) {
-        if (response.data.message === 'sso') {
-          window.location.href = "/sso/login"
-        } else {
-          this.ready = true;
-        }
+        this.ready = true;
       } else {
         let user = response.data.data;
         saveLocalStorage(response.data);
         this.getLanguage(user.language);
-        window.location.href = "/"
+        window.location.href = "/";
       }
     });
     this.$get("/ldap/open", response => {
@@ -135,28 +139,24 @@ export default {
         if (valid) {
           switch (this.form.authenticate) {
             case "LOCAL":
-              this.normalLogin();
+              this.loginUrl = "/signin";
+              this.doLogin();
               break;
             case "LDAP":
-              this.ldapLogin();
+              this.loginUrl = "/ldap/signin";
+              this.doLogin();
               break;
             default:
-              this.normalLogin();
+              this.loginUrl = "/sso/signin";
+              this.doLogin();
           }
         } else {
           return false;
         }
       });
     },
-    normalLogin() {
-      this.result = this.$post("signin", this.form, response => {
-        saveLocalStorage(response);
-        sessionStorage.setItem('loginSuccess', 'true');
-        this.getLanguage(response.data.language);
-      });
-    },
-    ldapLogin() {
-      this.result = this.$post("ldap/signin", this.form, response => {
+    doLogin() {
+      this.result = this.$post(this.loginUrl, this.form, response => {
         saveLocalStorage(response);
         sessionStorage.setItem('loginSuccess', 'true');
         this.getLanguage(response.data.language);